RHBA-2022:6718 - Bug Fix Advisory

Topic

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.9.11 on Red Hat Enterprise Linux 8 from Red Hat Container Registry.

Description

Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.

Bug Fixes:

• Previously, the Openshift Data Foundation tab was visible to unprivileged users on OpenShift Container Platform dashboard. Users who do not have read or write access to `openshift-storage` namespace would see an empty dashboard when they navigated to the Openshift Data Foundation dashboard pages. With this update, the Data Foundation tab under Storage is no longer visible to unprivileged users. (BZ#2116264)
• Previously, Multicloud Object Gateway endpoints were getting killed due to a small memory leak for every PUT operation. With this update, this issue has been fixed. (BZ#2111852)

Enhancements:

• With this update, you can set a flag, `true` or `false` to indicate whether the OSD can be forcefully removed or not. By default, the flag is set to `false` and this ensures that there is no data loss due to accidental removal of the OSD. When the OSD removal fails and and if you are sure that the OSD needs to be removed, then you set the flag to `true` and run the job again. (BZ#2120260)
• With this enhancement, OSDs cannot be purged unless all the data (PGs) from the OSD is already recovered to other OSDs or the --force flag is passed to the OSD removal job. This avoids the risk of data loss particularly if multiple OSDs are removed at the same time. (BZ#2027396)

All users of Red Hat OpenShift Data Foundation are advised to upgrade to
these updated images, which provide these bug fixes.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

• Red Hat OpenShift Data Foundation 4 for RHEL 8 x86_64
• Red Hat OpenShift Data Foundation for IBM Power, little endian 4 for RHEL 8 ppc64le
• Red Hat OpenShift Data Foundation for IBM Z and LinuxONE 4 for RHEL 8 s390x

Fixes

• BZ - 2027396 - [4.9.z clone] [Data Loss] Use ceph 'osd safe-to-destroy' and 'osd ok-to-stop' feature in OSD purge job
• BZ - 2116264 - [4.9 backport of 2103975] [GSS] The OCP dashboard is showing the "Openshift Data Foundation" to unpriviledged users
• BZ - 2120260 - [4.9.z clone] OSD Removal template needs to expose option to force remove the OSD
• BZ - 2123845 - Include at ODF 4.9 container images (3) the RHEL8 CVE fix on "rsync"
• BZ - 2123846 - Include at ODF 4.9 container images (11) the RHEL8 CVE fix on "systemd"

CVEs

• CVE-2021-40528
• CVE-2022-1292
• CVE-2022-1586
• CVE-2022-1785
• CVE-2022-1897
• CVE-2022-1927
• CVE-2022-2068
• CVE-2022-2097
• CVE-2022-2526
• CVE-2022-25313
• CVE-2022-25314
• CVE-2022-29154
• CVE-2022-29824
• CVE-2022-32206
• CVE-2022-32208

References

(none)